[Secure-testing-commits] r52632 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Jun 16 21:20:33 UTC 2017
Author: carnil
Date: 2017-06-16 21:20:33 +0000 (Fri, 16 Jun 2017)
New Revision: 52632
Modified:
data/CVE/list
Log:
mark gnuplot issue as no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-16 21:10:14 UTC (rev 52631)
+++ data/CVE/list 2017-06-16 21:20:33 UTC (rev 52632)
@@ -135,9 +135,11 @@
RESERVED
CVE-2017-9670 (An uninitialized stack variable vulnerability in load_tic_series() in ...)
- gnuplot 5.0.5+dfsg1-7 (bug #864901)
+ [stretch] - gnuplot <no-dsa> (Minor issue)
[jessie] - gnuplot <not-affected> (Vulnerable code introduced later)
[wheezy] - gnuplot <not-affected> (Vulnerable code introduced later)
- gnuplot5 <removed> (bug #864903)
+ [jessie] - gnuplot5 <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/gnuplot/bugs/1933/
NOTE: The specific CVE is for the uninitialized stack variable fixed via set.c
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1044638#c5
More information about the Secure-testing-commits
mailing list